Energy consumption side-channel attack at Virtual Machines in a Cloud

Abstract : Virtualized data centers where several virtual machines (VMs) are hosted per server are becoming more popular due to Cloud Computing. As a consequence of energy efficiency concerns, the exact combination of VMs running on a specific server will most likely change over time. We present experimental results how to use the energy/power consumption logs of a power monitored server as a side-channel that allows us to recognize the exact combination of VMs it currently hosts to a high degree. For classification, we use a maximum log-likelihood approach, which works well for comparably small training and test set sizes. We also show to which degree a specific VM can be recognized, regardless of other VMs currently running on the same server, and show false negative/positive rates. To cross-validate our results, we have used a Kolmogorov-Smirnov test, resulting in comparable quality of recognition within shorter time. In order to clarify whether our approach is generalizable and yields reproducible results, we have set up a second experimental infrastructure in Lyon, using a different hardware platform and power measurement device. We have obtained similar results and have experimented with different CPU frequency scaling governors, yielding comparable quality of recognition. As a result, energy consumption data of servers must be protected carefully, as it is potentially valuable information for an attacker trying to track down a VM to mount further attack steps.
Document type :
Conference papers
Liste complète des métadonnées
Contributor : Anne-Cécile Orgerie <>
Submitted on : Wednesday, October 5, 2011 - 6:15:51 PM
Last modification on : Friday, April 20, 2018 - 3:44:26 PM




Helmut Hlavacs, Thomas Treutner, Jean-Patrick Gelas, Laurent Lefèvre, Anne-Cécile Orgerie. Energy consumption side-channel attack at Virtual Machines in a Cloud. International Conference on Cloud and Green Computing (CGC), Dec 2011, Sydney, Australia. pp.605 - 612, ⟨10.1109/DASC.2011.110⟩. ⟨ensl-00629427⟩



Record views